Is the file supposed to be schema.ldif once its converted that way? On Thu, Jun 30, 2016 at 9:58 AM, Todd Grayson <tgray...@cloudera.com> wrote:
> The discussion in the mail list I sent, the error emerged as it was > parsing broken schema information in the file... > > On Thu, Jun 30, 2016 at 9:55 AM, Michael Aldridge < > michael.aldri...@utdallas.edu> wrote: > >> Todd, >> >> You are correct that that is in ldif format. The ldap server gets built >> up by using the bare minimum to get it online and then all the other >> schemata and associated files are loaded in with the server online. >> >> The distro is Void Linux, with kerberos version 1.14.2. >> >> I must admit I'm struggling to see what you are seeing. The error text >> to me sounds like it can't even find the ldap backend, much less try to >> actually talk to it. Can you explain why you think this might be a >> schema error? >> >> --Michael >> >> On 06/30/2016 09:06 AM, Todd Grayson wrote: >> > Michael, I apologize but I'm not familiar with that kind of formatting >> > for the kerberos.schema file... the one I'm looking at looks like this >> > (segment). >> > >> > What linux distro/versions are you working over? >> > >> > That almost looks like the kind of format you would see converting the >> > .schema to .ldif or something? >> > >> > Not being able to parse the schema file is what I was pointing out for >> > that error... >> > >> > --- snip of kerberos.schema as provided in ubuntu --- >> > >> > attributetype ( 2.16.840.1.113719.1.301.4.1.1 >> > NAME 'krbPrincipalName' >> > EQUALITY caseExactIA5Match >> > SUBSTR caseExactSubstringsMatch >> > SYNTAX 1.3.6.1.4.1.1466.115.121.1.26) >> > >> > ... >> > ... >> > >> > objectclass ( 2.16.840.1.113719.1.301.6.16.1 >> > NAME 'krbTicketPolicyAux' >> > SUP top >> > AUXILIARY >> > MAY ( krbTicketFlags $ krbMaxTicketLife $ >> > krbMaxRenewableAge ) ) >> > >> > >> > On Thu, Jun 30, 2016 at 12:48 AM, Michael Aldridge >> > <michael.aldri...@utdallas.edu <mailto:michael.aldri...@utdallas.edu>> >> > wrote: >> > >> > While I have not done an in depth comparison, my schema would >> appear to >> > just be a re-formatted version of the schema provided in the source >> > tree. I believe I originally obtained it from an ubuntu release >> > slightly more than a year ago. What is striking here is that this >> all >> > worked less than a month ago on my test platform. >> > >> > For the curious, here is the schema I'm using: >> > >> https://raw.githubusercontent.com/collegiumv/cv_config/master/roles/slapd/files/cn%3D%7B4%7Dkerberos.ldif >> > >> > --Michael >> > >> > On 06/30/2016 01:25 AM, Todd Grayson wrote: >> > > Got schema issues? Perhaps? >> > > >> > > >> http://blog.gmane.org/gmane.comp.encryption.kerberos.bugs/month=20131201 >> > > >> > > Magic google phrase: >> > > >> > > openldap kerberos schema "Unable to find requested database type" >> > > >> > > On Thu, Jun 30, 2016 at 12:18 AM, Michael Aldridge >> > > <michael.aldri...@utdallas.edu >> > <mailto:michael.aldri...@utdallas.edu> >> > <mailto:michael.aldri...@utdallas.edu >> > <mailto:michael.aldri...@utdallas.edu>>> >> > > wrote: >> > > >> > > Greetings, >> > > >> > > I hope I am emailing the correct list and if I am not then >> please accept >> > > my apology. I am in the process of standing up a pair of >> KDCs and I am >> > > encountering this error when attempting to create the initial >> password >> > > stash for accessing the ldap server that backs the kerberos >> database: >> > > >> > > kdb5_ldap_util: Unable to find requested database type while >> setting up >> > > lib handle >> > > >> > > The command I ran to get that error message is: >> > > >> > > sudo kdb5_ldap_util -D "cn=krbAdmService,dc=collegiumv,dc=org" >> > > stashsrvpw -f /var/krb5kdc/ldap.keyfile >> > > "cn=krbAdmService,dc=collegiumv,dc=org" >> > > >> > > I have used my best google-fu but still come up empty. I can >> see >> > > several people who seem to have had the same issue, but I >> cannot find a >> > > solution. I appreciate any insight to this error. >> > > >> > > --Michael >> > > >> > > -- >> > > Michael Aldridge >> > > Network Administrator >> > > Collegium V Honors College >> > > The University of Texas at Dallas >> > > ________________________________________________ >> > > Kerberos mailing list Kerberos@mit.edu <mailto: >> Kerberos@mit.edu> >> > > <mailto:Kerberos@mit.edu <mailto:Kerberos@mit.edu>> >> > > https://mailman.mit.edu/mailman/listinfo/kerberos >> > > >> > > >> > > >> > > >> > > -- >> > > Todd Grayson >> > > Business Operations Manager >> > > Customer Operations Engineering >> > > Security SME >> > > >> > ________________________________________________ >> > Kerberos mailing list Kerberos@mit.edu >> > <mailto:Kerberos@mit.edu> >> > https://mailman.mit.edu/mailman/listinfo/kerberos >> > >> > >> > >> > >> > -- >> > Todd Grayson >> > Business Operations Manager >> > Customer Operations Engineering >> > Security SME >> > >> >> ________________________________________________ >> Kerberos mailing list Kerberos@mit.edu >> https://mailman.mit.edu/mailman/listinfo/kerberos >> > > > > -- > Todd Grayson > Business Operations Manager > Customer Operations Engineering > Security SME > > -- Todd Grayson Business Operations Manager Customer Operations Engineering Security SME ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos